Network Security Features of HP-UX 11i v1 and 11i v2
hardened system platform, dynamic filtering, and strong client authentication must be in place to
safeguard these servers. The communication between the servers in the DMZ and the back-end servers in
the internal network also needs to be secured. HP-UX IPSec can protect the communication between the
DMZ and the back-end servers.
HP-UX IPSec is available for download on Software Depot and on the HP-UX Application Release CD.
HP-UX IPSec Features
The key benefits and features of HP-UX IPSec are:
• High-speed encryption: HP-UX IPSec uses highly tuned assembly-language implementations of
DES, Triple-DES, and AES for PA-RISC and Itanium. This greatly enhances system performance
without specialized hardware.
• Manageability: HP-UX IPSec has a graphical user interface (GUI) that facilitates configuring
application-level, rule-based policies. In May of 2004, a command line interface (CLI) will be
available to facilitate batch-configuration of policies. Security administrators can inspect information
via IPsec reporting and diagnostic features. Finally, Internet Key Exchange (IKE) provides dynamic
and scalable key generation and management. Configuration files can be ported between systems to
ease reproduction of configurations on multiple HP-UX systems.
• Flexible authentication capabilities: HP-UX IPSec supports preshared keys as well
as digital certificates generated by VeriSign and Baltimore. HP-UX IPSec provides a user-friendly
GUI for seamless certificate requests and configuration.
• Interoperability: HP-UX IPSec interoperates with over 25 other IPsec implementations, including
those of Microsoft®, Cisco, and Linux.
• IPv6 Support: HP-UX IPSec can be used to protect IPv6 traffic.
• MC/ServiceGuard failover support: HP-UX IPSec provides high availability support with
MC/ServiceGuard for both local and remote failover.
• Mobile IPv6 (MIPv6) support: HP-UX IPSec can protect MIPv6 traffic starting in May 2004.
• Dynamic configuration update: You can make changes to IPsec policies dynamically, without
stopping and restarting IPsec, starting in May 2004.